mirror of
https://sourceware.org/git/glibc.git
synced 2024-11-15 01:21:06 +00:00
9e38f455a6
When CET is enabled, it is an error to dlopen a non CET enabled shared library in CET enabled application. It may be desirable to make CET permissive, that is disable CET when dlopening a non CET enabled shared library. With the new --enable-cet=permissive configure option, CET is disabled when dlopening a non CET enabled shared library. Add DEFAULT_DL_X86_CET_CONTROL to config.h.in: /* The default value of x86 CET control. */ #define DEFAULT_DL_X86_CET_CONTROL cet_elf_property which enables CET features based on ELF property note. --enable-cet=permissive it to /* The default value of x86 CET control. */ #define DEFAULT_DL_X86_CET_CONTROL cet_permissive which enables CET features permissively. Update tst-cet-legacy-5a, tst-cet-legacy-5b, tst-cet-legacy-6a and tst-cet-legacy-6b to check --enable-cet and --enable-cet=permissive.
87 lines
2.2 KiB
C
87 lines
2.2 KiB
C
/* Check compatibility of CET-enabled executable with dlopened legacy
|
|
shared object.
|
|
Copyright (C) 2019-2020 Free Software Foundation, Inc.
|
|
This file is part of the GNU C Library.
|
|
|
|
The GNU C Library is free software; you can redistribute it and/or
|
|
modify it under the terms of the GNU Lesser General Public
|
|
License as published by the Free Software Foundation; either
|
|
version 2.1 of the License, or (at your option) any later version.
|
|
|
|
The GNU C Library is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
Lesser General Public License for more details.
|
|
|
|
You should have received a copy of the GNU Lesser General Public
|
|
License along with the GNU C Library; if not, see
|
|
<https://www.gnu.org/licenses/>. */
|
|
|
|
#include <dlfcn.h>
|
|
#include <stdio.h>
|
|
#include <stdlib.h>
|
|
#include <stdbool.h>
|
|
#include <string.h>
|
|
#include <x86intrin.h>
|
|
#include <support/check.h>
|
|
|
|
#if defined CET_IS_PERMISSIVE || defined CET_DISABLED_BY_ENV
|
|
# define CET_MAYBE_DISABLED 1
|
|
#else
|
|
# define CET_MAYBE_DISABLED 0
|
|
#endif
|
|
|
|
static void
|
|
do_test_1 (const char *modname, bool fail)
|
|
{
|
|
int (*fp) (void);
|
|
void *h;
|
|
|
|
h = dlopen (modname, RTLD_LAZY);
|
|
if (h == NULL)
|
|
{
|
|
const char *err = dlerror ();
|
|
if (fail)
|
|
{
|
|
if (strstr (err, "rebuild shared object with SHSTK support enabled")
|
|
== NULL)
|
|
FAIL_EXIT1 ("incorrect dlopen '%s' error: %s\n", modname, err);
|
|
|
|
return;
|
|
}
|
|
|
|
FAIL_EXIT1 ("cannot open '%s': %s\n", modname, err);
|
|
}
|
|
|
|
/* NB: dlopen should never fail on non-CET platforms. If SHSTK is
|
|
disabled, assuming IBT is also disabled. */
|
|
bool cet_enabled = _get_ssp () != 0 && !CET_MAYBE_DISABLED;
|
|
if (fail && cet_enabled)
|
|
FAIL_EXIT1 ("dlopen should have failed\n");
|
|
|
|
fp = dlsym (h, "test");
|
|
if (fp == NULL)
|
|
{
|
|
printf ("cannot get symbol 'test': %s\n", dlerror ());
|
|
exit (1);
|
|
}
|
|
|
|
if (fp () != 0)
|
|
{
|
|
puts ("test () != 0");
|
|
exit (1);
|
|
}
|
|
|
|
dlclose (h);
|
|
}
|
|
|
|
static int
|
|
do_test (void)
|
|
{
|
|
do_test_1 ("tst-cet-legacy-mod-5a.so", true);
|
|
do_test_1 ("tst-cet-legacy-mod-5b.so", false);
|
|
return 0;
|
|
}
|
|
|
|
#include <support/test-driver.c>
|